How do I exercise my Privacy Rights?
If you wish to access personal data about yourself or exercise any of the rights listed below, please submit a request to ESTA by using the contact details identified in the “How to contact us” section below. Alternatively, if you are located in the EU, you may also contact EDC at the address mentioned in the Introduction of this Notice, which will then transfer your request to ESTA.
We will review your request and respond as quickly as possible, but please note that we may still use any aggregated and de-identified Personal Data that does not identify a data subject and use your Personal Data, as needed, to comply with our legal obligations, resolve disputes, and enforce our agreements.
Right of access:
You have the right to obtain confirmation as to whether your personal data is processed, and, if so, to request access to such personal data as well as other information about such processing that are also contained in this policy. Before we may provide access, we will first require verification of your identity to help ensure security of the data.
Right to rectification:
You have the right to have inaccurate personal data about yourself rectified or completed if it is incomplete.
Right to erasure (‘right to be forgotten’):
You have the right to request that we erase your personal data.
Right to restriction of processing:
You have the right to request from us that we limit the way we use your personal data.
Right to data portability:
You have the right to receive the personal data you provided, in a structured, commonly used, and machine-readable form and to transmit that data to another controller or to have it transmitted directly from us to another controller.
Right to object:
You have the right to object, on grounds relating to your particular situation, at any time, to the processing of your personal data and we may have to stop processing your data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims. You have the right to object, at any time, to the processing of your personal for direct marketing purposes.
Read more about Data Subjects Rights Policy
International data transfers
ESTA is a company that operates globally. Because of this fact, Personal Data from individuals who visit our Websites, use our Products, and/or use our Services or otherwise interact with us may be transferred and accessed from around the world, such as from countries where ESTA, its Affiliates, or our service providers operate.
We will always protect your Personal Data in accordance with this Notice wherever it is processed. ESTA does not voluntarily or actively transfer or disclose our customers’ Personal Data to the government or law enforcement authorities (the “Authorities”) and/or otherwise grant any Authorities access to your Personal Data. In the event of a request from the Authorities, we have procedures and controls in place to make sure that any such request is assessed according to our internal policy on data protection.
Information for users in the European Economic Area (“EEA”) or in the United Kingdom (“UK”):
Operating globally, ESTA may transfer Personal Data from the EEA or the UK to the United States, Costa Rica and other countries, including Personal Data we receive from individuals residing in the EEA or the UK who visit our Websites and/or use our Services or otherwise interact with us.
In cases where ESTA may transfer your Personal Data outside the EEA or UK, it relies on:
- Adequacy Decisions:
- European Commission, based on Article 45 of Regulation (EU) 2016/679 (GDPR)
- UK Secretary of State, based on Article 45 of the UK GDPR and Section 17A of the Data Protection Act 2018; or
- Standard Contractual Clauses:
- European Commission
- Information Commissioner’s Office (ICO)
The European Commission and the ICO have determined that the above Standard Contractual Clauses may provide sufficient safeguards to protect personal data transferred outside the EEA and the UK. For more information, please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en and https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/.
ESTA performs transfer impact assessments and monitors such transfers to help ensure they maintain a level of protection that is essentially equivalent to the one provided by the European and UK data protection laws.
Appendix for Argentina
MOTIVA ARGENTINA S.R.L., CUIT 30-71655700-2, domiciled at Av. Leandro N. Alem 882, (CP1001), Ciudad Autónoma Buenos Aires, Argentina (“MOTIVA ARGENTINA”) is responsible for the processing of your personal data and is the controller of such data. Your personal data will be processed for the provision of the Always Confident Warranty, Replacement Policy, the Extended Warranty Program and to contact you with information we deem you will find relevant and/or useful.
When providing your personal data, you understand that some data is mandatory in order for MOTIVA ARGENTINA to comply with its legal obligations, while the collection and provision of other data is completely voluntary as it is intended to carry out the relationship and allow you access to certain benefits and programs. The provision of false or inaccurate information may result in MOTIVA ARGENTINA´s inability to provide you with certain benefits, to comply with its legal obligations, or even to begin or continue, the warranty program.
You also understand and consent that your personal data may be transferred to countries or jurisdictions that may not have the same level of data protection of that existing in Argentina and, consequently, may offer less protection.
The Agency of Access to Public Information, in its capacity as the Control Agency of Law No. 25.326, is responsible for dealing with complaints and claims filed by data subjects whose rights are affected by non-compliance with the regulations in force regarding the protection of personal data.
Links to other websites
This website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and refer to the privacy statement applicable to the website in question.
How to contact us
Controller’s Contact Information:
Establishment Labs® S.A.
Coyol Free Zone, B15
Alajuela, Costa Rica
European Distribution Center Motiva BV, Nijverheidsstraat 96
2160 Wommelgem, Belgium
+32 3 432 41 70
Data Protection Officer: